Two-factor authentication (2FA) adds an extra security layer by requiring users to provide two forms of identification before accessing Light. This article explains 2FA and other security features.
Last updated Feb 18, 2026 · 2 min read
2FA requires two independent verification methods to log in:
Even if someone obtains your password, they cannot access your account without the second factor. This significantly reduces the risk of unauthorized account access.
Light uses a secure authentication provider to manage login and 2FA. Two-factor authentication is configured through the login flow rather than from within the Light application settings. Contact your company administrator to enable 2FA requirements for your organization.
Once 2FA is enabled for your account, you will be prompted for a verification code each time you log in with your email and password.
If you forget your password:
If you're locked out and cannot reset via email, contact your company administrator.
Light uses API keys for programmatic access and integrations. API keys are managed under Settings → API keys ().
The API keys page shows all keys with their name, key prefix, assigned role, status, and creation date.
To create an API key:
API keys can have one of two statuses:
Active - The key is valid and can be used for API calls.
Revoked - The key has been deactivated and can no longer be used.
Important: The full key is only displayed once at creation. If lost, revoke the key and generate a new one.
Your personal profile is managed under Settings → Profile (), which includes:
Contact Information - Your name, email, phone number, and address details.
User Settings - Preferences for appearance (light/dark mode), numeric format, CSV data separator, and sidebar behavior.
Reimbursement Details - Bank information for expense reimbursements (bank country, IBAN, BIC/SWIFT, account details).
Organization Details - Read-only view of your assigned access roles, entity, level, and groups.
Was this article helpful?